18 matches found
EUVD-2016-6322
Malware in sbrugna...
EUVD-2016-8040
Malware in sbrugna...
EUVD-2016-6649
Malware in sbrugna...
Security Bulletin:TLS Protocol 64-bit Cipher Vulnerability in Multiple N series Products (CVE-2016-2183)
Summary Multiple N series products utilize the TLS protocol. Any system using the TLS protocol with 64-bit block ciphers that are used in long running connections are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure ...
Security Bulletin: CVE-2015-4000 Diffie-Hellman Export Cipher Suite Vulnerabilities in Multiple N series Products
Summary A vulnerability known as Logjam may affect multiple N series products and the impact is under investigation. Versions 1.2 and earlier of the Transport Layer Security TLS protocol can allow man-in-the-middle MITM attackers to conduct downgrade attacks. Multiple N series Products has...
Vulnerability fixed in NetApp Active IQ Unified Manager and Snap Creator Framework
NetApp has fixed a vulnerability in JQuery as used in Active IQ Unified Manager and Snap Creator Framework, among others. The vulnerabilities allow an unauthenticated malicious person to to access sensitive data or manipulate data. NetApp has released updates to fix the vulnerabilities in Active ...
Vulnerability fixed in NetApp
Netapp Snap Creator Framework includes Apache Tomcat. Apache Tomcat versions 8.5.1 through 8.5.59, 9.0.0.M5 through 9.0.39, and 10.0.0-M1 through 10.0.0-M9 are susceptible to a vulnerability that, when successfully exploited, can lead to the disclosure of sensitive information. Netapp has release...
Code injection
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
Security Bulletin: Apache Commons Collection Java Deserialization Vulnerability in Multiple N series Products
Summary Multiple N series products incorporate the Apache Commons Collection library. Versions of Apache Commons Collection before 3.2.2 and including 4.0 are susceptible to a vulnerability that could be exploited to allow remote attackers to execute arbitrary commands on the system. Multiple N...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
CVE-2016-5372
NetApp Snap Creator Framework CVE-2016-5372 is a CSRF vulnerability affecting versions prior to 4.3.0P1. A remote attacker could hijack user authentication and, per CNVD details, perform unauthorized operations and gain privileges for affected applications via unknown vectors. Mitigation: upgrade...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
Information disclosure
NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user...
CVE-2016-7172
CVE-2016-7172 affects NetApp Snap Creator Framework prior to version 4.3.1, where an information disclosure vulnerability allows unauthorized viewing of sensitive data. The issue is tied to NetApp Snap Creator Framework and is documented across multiple sources (NVD/CNVD/etc.) with consistent pro...
NetApp Snap Creator Framework Cross-Site Request Forgery Vulnerability
NetApp Snap Creator Framework is the United States NetApp company's set of integrated NetApp functionality plug-ins and popular third-party applications framework. A cross-site request forgery vulnerability exists in versions of NetApp Snap Creator Framework prior to 4.3.P1, which can be exploite...
NetApp Snap Creator Framework Clickjacking Vulnerability
NetApp Snap Creator Framework is the United States NetApp company's set of integrated NetApp functionality plug-ins and popular third-party applications framework. A clickjacking vulnerability exists in NetApp Snap Creator Framework version 4.3P1, which can be exploited by an attacker to compromi...